Imagine you are handed this device and asked to get root on it as quickly as possible. No further information is given. Where would you begin? (If you just want to see the router get rooted, jump down to "Mounting an Attack: Rooting a Home Router" ;-)
Our target: A VERY common/popular consumer Access Point.
Since you have the device in your hands, you might try directly attacking the hardware. However, if you've never done any kind of hardware hacking, getting started can be intimidating. In this post, we are going to talk about the fundamental information you need to know to use JTAG for hacking hardware. We'll also go over a quick example to illustrate the power of direct hardware access.
JTAG is a common hardware interface that provides your computer with a way to communicate directly with the chips on a board. It was originally developed by a consortium, the Joint (European) Test Access Group, in the mid-80s to address the increasing difficulty of testing printed circuit boards (PCBs). JTAG has been in widespread use ever since it was included in the Intel 80486 processor in 1990 and codified as IEEE 1491 that same year. Today JTAG is used for debugging, programming and testing on virtually ALL embedded devices.
In this new world of "Internet of Things" and billions of networked embedded devices, it is crucial for device manufacturers to bake security into their new designs before they leave the factory. Here are five tips from a team of security researchers who make a living reverse engineering (hacking) into IoT devices on behalf of industry clients.
Explosive growth of networked embedded devices and a shifting threat landscape require a new approach to IoT Security. Here is why.
Why is Everything Connected Now?
Not a day goes by without a story of a new “smart” device being launched. A perfect storm of new enabling technologies is driving the adoption of Internet-connected devices: The rise of inexpensive Systems-on-a-chip (SOCs) running full operating systems has effectively eradicated many industry use cases for expensive, custom application-specific integrated circuits (ASICs). Any product developer, hobbyist or high-schooler can use an off-the-shelf low-cost computing device like the Raspberry Pi and launch a functioning product in under three months of development. The commoditization of hardware, coupled with rapidly decreasing cost of bandwidth and processing has lead to an explosion of Internet-connected devices. Most of the buzz has been focused in the consumer space with smart toasters, kettles, and diapers?! The proliferation of useless novelty devices has led to a fatigue with the term “Internet of Things” causing Goldman Sachs to quip in 2014 “you cannot spell idiot without IoT”.
In our last post we talked about a vulnerability discovered in the D-Link DCS-930L Cloud Camera. Since then the Senrio Research Team has been working closely with the D-Link Security Incident Report Team. Below we disclose technical details of our efforts.
In today’s age of constant connectivity the allure of remotely checking on your home and loved ones is appealing and manufacturers of Wifi Cameras promise a “second set of eyes around the home or office.” However, you may not be the only one peeping in. The dangers of unsecured webcams and baby monitors have been reported in 2014 with cautionary tales warning consumers to change their default passwords. So that’s the end of the story, right? Adding a password will protect me from creepy strangers looking into my home. Not so fast. Researchers at Senrio discovered a vulnerability in a popular Wifi camera that lets attackers overwrite the administrator password.
Cybersecurity Researchers Launch Solution to Address Inherent Vulnerabilities in Network Embedded Devices, with Focus on Healthcare, Critical Infrastructure and Corporate Environments
Portland,OR: Today, Senrio, an Internet of Things (IoT) cybersecurity solution, emerges from stealth mode with the launch of an IoT network cybersecurity platform that provides visibility and defense for networked embedded devices (NEDs) used in healthcare, critical infrastructure, retail and corporate environments.
Senrio in the press!
IoT Hacking comic book!
Watch some our IoT security research
Live On Twitch.tv
Upcoming Trainings by our Team!
Practical Android Exploitation
Blackhat, Las Vegas 2017
Software Exploitation Via Hardware Exploitation
Blackhat Las, Vegas 2017
Practical ARM Exploitation